Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Unix :: General :: ciack020.htm

Majordomo open() call Vulnerability



Majordomo open() call Vulnerability Privacy and Legal Notice

CIAC INFORMATION BULLETIN

K-020: Majordomo open() call Vulnerability

January 26, 2000 00:00 GMT
PROBLEM:       A vulnerability in the wrapper program of Majordomo can
               be exploited to elevate a local user to a higher privilege.
PLATFORM:      All versions of Majordomo up to and including 1.94.4.
DAMAGE:        A local user's privileges could be raised to a higher level
               depending on which user Majordomo and the local mail delivery
               agent executes.
SOLUTION:      First, verify that Majordomo is configured correctly.
               Configuration information can be found in the README file
               which comes with the upgrade.  Then upgrade to
               Majordomo 1.94.5.

VULNERABILITY The risk is high. The exploit information has been made ASSESSMENT: publicly available and is being actively discussed on security mailing lists.
[ Begin AusCERT Advisory ] =========================================================================== AA-2000.01 AUSCERT Advisory Majordomo open() call Vulnerability 20 January 2000 Last Revised: -- - --------------------------------------------------------------------------- AusCERT has received information that a vulnerability exists in the majordomo package versions up to and including 1.94.4. This vulnerability may allow local users to gain the privileges of the user the majordomo process executes as and that of the local mail delivery agent. Exploit information involving this vulnerability has been made publicly available. AusCERT recommends that sites take the steps outlined in section 3 as soon as possible. This advisory will be updated as more information becomes available. - --------------------------------------------------------------------------- 1. Description The majordomo program is a popular application which automates the management of Internet mailing lists. More information on majordomo is available from: http://www.greatcircle.com/majordomo/ A vulnerability exists in majordomo versions up to and including 1.94.4. Exploit information involving this vulnerability has been made publicly available. 2. Impact This vulnerability may allow local users to gain the privileges under which majordomo and the local mail delivery agent executes. Depending on the local majordomo configuration this may be leveraged to gain additional privileges. 3. Solution The vendors of majordomo have produced a minor software release which addresses the vulnerability in versions 1.94.4 and earlier. Sites using affected versions should immediately upgrade to majordomo 1.94.5 which is available from: ftp://ftp.greatcircle.com/pub/majordomo/1.94.5/majordomo-1.94.5.tgz ftp://ftp.sgi.com/other/majordomo/majordomo-1.94.5.tgz 4. Additional measures Sites using majordomo should also take this opportunity to ensure that their majordomo is configured correctly. While correct configuration does not prevent the vulnerability listed in this advisory being exploited it may help limit the privileges a local user may gain. More information on this can be found in the INSTALL file and in the majordomo FAQ available at: http://www.greatcircle.com/majordomo/FAQ.html - --------------------------------------------------------------------------- AusCERT thanks Chan Wilson and Brock Tellier for their assistance in producing this advisory. - --------------------------------------------------------------------------- AusCERT has made every effort to ensure that the information contained in this document is accurate. However, the decision to use the information described is the responsibility of each user or organisation. The appropriateness of this document for an organisation or individual system should be considered before application in conjunction with local policies and procedures. AusCERT takes no responsibility for the consequences of applying the contents of this document. If you believe that your system has been compromised, contact AusCERT or your representative in FIRST (Forum of Incident Response and Security Teams). AusCERT maintains an anonymous FTP service which is found on: ftp://ftp.auscert.org.au/pub/. This archive contains past SERT and AusCERT Advisories, and other computer security information. AusCERT also maintains a World Wide Web service which is found on: http://www.auscert.org.au/. Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for emergencies. Postal: Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 AUSTRALIA ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Revision History ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ [ End AusCERT Advisory ]

CIAC wishes to acknowledge the contributions of AusCert for the information contained in this bulletin.
CIAC services are available to DOE, DOE Contractors, and the NIH. CIAC can be contacted at:
    Voice:          +1 925-422-8193 (7 x 24)
    FAX:            +1 925-423-8002
    STU-III:        +1 925-423-2604
    E-mail:          ciac@llnl.gov
    World Wide Web:  http://www.ciac.org/
                     http://ciac.llnl.gov
                     (same machine -- either one will work)
    Anonymous FTP:   ftp.ciac.org
                     ciac.llnl.gov
                     (same machine -- either one will work)

This document was prepared as an account of work sponsored by an agency of the United States Government. Neither the United States Government nor the University of California nor any of their employees, makes any warranty, express or implied, or assumes any legal liability or responsibility for the accuracy, completeness, or usefulness of any information, apparatus, product, or process disclosed, or represents that its use would not infringe privately owned rights. Reference herein to any specific commercial products, process, or service by trade name, trademark, manufacturer, or otherwise, does not necessarily constitute or imply its endorsement, recommendation or favoring by the United States Government or the University of California. The views and opinions of authors expressed herein do not necessarily state or reflect those of the United States Government or the University of California, and shall not be used for advertising or product endorsement purposes.
UCRL-MI-119788
[Privacy and Legal Notice]


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH